news 28 Posted July 30, 2008 This is a multi-part message in MIME format... ------------=_1217456436-11275-7689 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2008:159 http://www.mandriva.com/security/ _______________________________________________________________________ Package : licq Date : July 30, 2008 Affected: Corporate 3.0 _______________________________________________________________________ Problem Description: A flaw was discovered in licq versions prior to 1.3.6 that allowed a remote attacker to cause a denial of service (crash) via a large number of connections (CVE-2008-1996). The updated packages have been patched to correct this issue. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1996 _______________________________________________________________________ Updated Packages: Corporate 3.0: 21eeaee9cb3cf2d08ae88d8b7cf2fa37 corporate/3.0/i586/licq-1.2.6-4.1.C30mdk.i586.rpm c34da703336360445712ef3ee0084044 corporate/3.0/i586/licq-console-1.2.6-4.1.C30mdk.i586.rpm e96365e0de435b58da9bfa1a4eb97c05 corporate/3.0/i586/licq-devel-1.2.6-4.1.C30mdk.i586.rpm ff6519f33221014a561cc0b58c922759 corporate/3.0/i586/licq-kde-1.2.6-4.1.C30mdk.i586.rpm 21407c1b60968e5fc53f53547dd9ead3 corporate/3.0/i586/licq-rms-1.2.6-4.1.C30mdk.i586.rpm d8f945d6cc1d68661e86671292792570 corporate/3.0/SRPMS/licq-1.2.6-4.1.C30mdk.src.rpm Corporate 3.0/X86_64: 9c5b08c20bf4b3c27f48c4949989ac3e corporate/3.0/x86_64/licq-1.2.6-4.1.C30mdk.x86_64.rpm 8f0f0817583ccd0b53849fc5d4dc6b96 corporate/3.0/x86_64/licq-console-1.2.6-4.1.C30mdk.x86_64.rpm 461b4806220a35965e765d3cd74bd8df corporate/3.0/x86_64/licq-devel-1.2.6-4.1.C30mdk.x86_64.rpm 4bfd1a25ac3a1a359b3eeba8cac747a1 corporate/3.0/x86_64/licq-kde-1.2.6-4.1.C30mdk.x86_64.rpm b5587b1c7d2aaf5976ef3690d4a2f090 corporate/3.0/x86_64/licq-rms-1.2.6-4.1.C30mdk.x86_64.rpm d8f945d6cc1d68661e86671292792570 corporate/3.0/SRPMS/licq-1.2.6-4.1.C30mdk.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFIkLpdmqjQ0CJFipgRAuWrAKCQJvXnfiPqkWhzBXJwbyUiQUJzCQCgpZ6Z yPJs5VizxlzN5Wpa2QiRoQ8= =zsIO -----END PGP SIGNATURE----- ------------=_1217456436-11275-7689 Content-Type: text/plain; name="message-footer.txt" Content-Disposition: inline; filename="message-footer.txt" Content-Transfer-Encoding: 8bit To unsubscribe, send a email to sympa ( -at -) mandrivalinux.org with this subject : unsubscribe security-announce _______________________________________________________ Want to buy your Pack or Services from Mandriva? Go to http://www.mandrivastore.com Join the Club : http://www.mandrivaclub.com _______________________________________________________ ------------=_1217456436-11275-7689-- Share this post Link to post
